Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cdLvejKdL_av76sBcrH9MU221_w.roa
File: cdLvejKdL_av76sBcrH9MU221_w.roa (raw, json)
Hash identifier: QQjED2AhUm+B9AFrKZv3hO8RlApSUKuxpRrIo1I/v1c=
Subject key identifier: 71:D2:EF:7A:32:9D:2F:F6:AF:EF:AB:01:72:B1:FD:31:4D:B6:D7:FC
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0191D809D5D04FD9D4A8612777D6EE300062
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cdLvejKdL_av76sBcrH9MU221_w.roa
Signing time: Mon 09 Sep 2024 18:26:48 +0000
ROA not before: Mon 09 Sep 2024 18:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 09:45:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:09:d5:d0:4f:d9:d4:a8:61:27:77:d6:ee:30:00:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 9 18:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d2ef7a329d2ff6afefab0172b1fd314db6d7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2a:7b:9b:3b:95:69:64:67:03:97:52:dd:be:
3c:34:12:bc:b6:af:c6:a3:b0:a1:af:9b:b8:bf:c7:
67:f4:d9:98:02:3e:03:ca:9f:3c:15:12:65:61:89:
30:29:ff:88:4b:24:3b:8b:db:40:27:f6:02:5a:0a:
d8:6b:18:32:24:43:8b:3d:dc:08:9e:96:17:aa:ae:
e6:cd:e2:ba:cb:fd:1d:52:db:39:3a:86:43:a9:9d:
bf:de:5a:dc:c7:48:e6:c9:2e:3b:86:20:f9:46:e2:
16:7d:02:bb:bf:ac:6a:8d:57:cd:ba:4f:37:61:0b:
c3:4d:10:a4:ce:c6:98:8e:da:39:ae:4e:3a:58:e5:
a0:48:b8:64:ba:98:0b:a4:eb:04:b6:64:c7:b7:a5:
de:4a:55:c2:4c:22:f7:7c:2a:bb:b2:6e:7b:f6:a2:
f2:50:b8:64:f0:13:68:16:78:65:58:4d:e8:72:2e:
13:eb:99:d0:06:9a:4f:4a:98:e9:10:0e:46:44:77:
35:69:23:e2:91:0e:f6:fb:7c:82:d2:a2:cf:6a:7e:
b4:32:cd:b6:ef:a1:f4:02:9c:a4:c2:d4:6d:33:86:
d1:64:e2:7f:d0:bd:2d:2f:f7:be:3e:6a:2b:29:cd:
b3:79:df:27:83:ae:e1:1c:b6:cb:68:db:fc:c7:ab:
29:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D2:EF:7A:32:9D:2F:F6:AF:EF:AB:01:72:B1:FD:31:4D:B6:D7:FC
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/cdLvejKdL_av76sBcrH9MU221_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
91.132.51.0/24
93.114.183.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
08:c7:21:a5:68:f9:6a:77:24:c9:ac:12:ad:80:04:c5:52:37:
98:74:52:ec:fa:cf:6f:f1:02:e0:5d:41:b0:df:66:3d:c4:3c:
bc:cb:fc:07:f2:ee:17:f7:b9:e1:10:02:27:93:ee:b7:47:1f:
5e:2a:ec:49:8d:0e:f0:ec:c7:59:64:9a:bd:17:2d:fb:34:0a:
62:86:a9:e3:e3:65:d1:74:0e:b4:00:12:6c:33:4f:93:fa:62:
fa:80:5f:b7:4f:7b:1d:c9:25:51:5b:7e:13:26:df:f2:a9:2f:
71:39:a7:3d:76:6c:b7:85:64:4d:ae:ac:e8:01:83:b0:b0:ce:
1d:db:f3:5d:78:f6:55:a6:7c:07:99:74:17:af:a6:e4:19:74:
83:3a:21:d9:66:d5:ad:f5:37:8d:63:73:19:3d:1c:97:4d:99:
32:f2:a8:78:b4:81:99:db:fe:91:ae:9b:12:94:8e:e2:70:2e:
56:73:9d:5d:93:a7:98:8d:79:fd:08:3e:88:49:f5:98:2c:fa:
58:42:fe:b6:3a:f8:92:6a:c8:d9:dc:2a:28:45:90:80:17:ec:
43:f0:90:b4:4f:c2:7d:2b:2b:03:07:8a:fa:63:96:72:58:58:
c9:38:96:cc:f3:46:fe:65:5f:7c:b0:d4:58:32:7d:31:18:96:
59:e2:76:00
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZHYCdXQT9nUqGEnd9buMABiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTA5MTgyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQyZWY3YTMyOWQyZmY2YWZlZmFiMDE3MmIxZmQzMTRkYjZkN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArip7mzuVaWRnA5dS3b48NBK8tq/G
o7Chr5u4v8dn9NmYAj4Dyp88FRJlYYkwKf+ISyQ7i9tAJ/YCWgrYaxgyJEOLPdwI
npYXqq7mzeK6y/0dUts5OoZDqZ2/3lrcx0jmyS47hiD5RuIWfQK7v6xqjVfNuk83
YQvDTRCkzsaYjto5rk46WOWgSLhkupgLpOsEtmTHt6XeSlXCTCL3fCq7sm579qLy
ULhk8BNoFnhlWE3oci4T65nQBppPSpjpEA5GRHc1aSPikQ72+3yC0qLPan60Ms22
76H0ApykwtRtM4bRZOJ/0L0tL/e+PmorKc2zed8ng67hHLbLaNv8x6spdQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHHS73oynS/2r++rAXKx/TFNttf8MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvY2RMdmVqS2RMX2F2NzZzQmNySDlNVTIyMV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYe2AwQA
WSJqAwQAW4QzAwQAXXK3AwQA2RMEMA0GCSqGSIb3DQEBCwUAA4IBAQAIxyGlaPlq
dyTJrBKtgATFUjeYdFLs+s9v8QLgXUGw32Y9xDy8y/wH8u4X97nhEAInk+63Rx9e
KuxJjQ7w7MdZZJq9Fy37NApihqnj42XRdA60ABJsM0+T+mL6gF+3T3sdySVRW34T
Jt/yqS9xOac9dmy3hWRNrqzoAYOwsM4d2/NdePZVpnwHmXQXr6bkGXSDOiHZZtWt
9TeNY3MZPRyXTZky8qh4tIGZ2/6RrpsSlI7icC5Wc51dk6eYjXn9CD6ISfWYLPpY
Qv62OviSasjZ3CooRZCAF+xD8JC0T8J9KysDB4r6Y5ZyWFjJOJbM80b+ZV98sNRY
Mn0xGJZZ4nYA
-----END CERTIFICATE-----
Generated at Fri Sep 13 12:22:10 2024 by rpki-client on console-ams.rpki-client.org